Intelligent alert prioritization, improving the signal to noise ratio by a factor of two

Native and API-based integration with popular DevOps tools

Problem

DevOps and Continuous Delivery practices are being widely used by organizations that want agility and faster
time-to-market to better respond to changing business needs. Development, QA and operations teams face the challenge of
incorporating security into the product lifecycle without slowing things down. Siloed approaches to security hardening
that worked in the past are incompatible with the holistic, iterative model of software development and deployment with DevOps.
For example, security reviews involved mostly manual processes at the end of product development and QA. Any security risks or issues
identified in the product sent the code back to development, causing significant delays.

Solution

The Dome9 Arc platform allows you to incorporate security and compliance into how you build,
deploy and run applications in the public cloud without sacrificing agility.
Dome9 provides the security foundation for Rugged DevOps with tools that allow automated testing and enforcement of security.
Here are four ways in which DevOps teams can harden their applications with Dome9 Arc:

Validation Before Deployment: Test the security and compliance posture of application architectures (e.g., AWS CloudFormation templates) with a single click prior to deployment.

Automated Testing During Development: Use the Dome9 Arc API to incorporate testing of security best practices and compliance into the continuous build processes early in the cycle.

Security During Deployment: Maintain a closed-by-default security posture in the cloud by locking down cloud environments except to allow authorized software deployment.

Actionable Alerts: Streamline alerts in highly dynamic cloud environments with machine intelligence,
allowing operations teams to focus on alerts that require immediate attention. These real-time,
actionable alerts and notifications are delivered in AWS environments through the Simple Notification Service (SNS),
which can be consumed by downstream applications such as Splunk, Sumo Logic, Graylog and Loggly.

The Dome9 Rugged DevOps solution allows security and compliance to be incorporated early and often into the software development and deployment lifecycle. With security checks built into the continuous deployment pipeline rather than at the end, DevOps is able to find and fix security vulnerabilities early, accelerating an organization’s time-to-market. The Dome9 API allows security to simplify integration with popular DevOps tools, allowing Dome9 services to be built into automated workflows.

To succeed in a busy and growing DevOps environment, we need to empower all of our employees to get their jobs done on their own,
while maintaining oversight and control over what is changing.
Dome9 allows everyone to do what they need to do, without sacrificing the ability to monitor and stop changes that aren’t supposed to happen.